CVE-2007-5699

eIQNetworks Enterprise Security Analyzer 2.5 - Stack-Based Buffer Overflow via SEARCHREPORT Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-5699. PoCs published by ri0t.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer via the SEARCHREPORT command. It uses an egghunter technique to locate and execute the payload, achieving remote code execution.

Description

Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary code via certain data on TCP port 10616 that results in a long argument to the SEARCHREPORT command, a different vector than CVE-2007-2059.

Exploits (1)

exploitdb WORKING POC VERIFIED
by ri0t · rubyremotewindows
https://www.exploit-db.com/exploits/4566

This exploit targets a stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer via the SEARCHREPORT command. It uses an egghunter technique to locate and execute the payload, achieving remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: eIQNetworks Enterprise Security Analyzer v2.5
No auth needed
Prerequisites: Network access to the target on port 10616
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38139
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26189
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4566

Scores

EPSS 0.0371
EPSS Percentile 88.3%

Details

CWE
CWE-119
Status published
Products (1)
eiqnetworks/enterprise_security_analyzer 2.5
Published Oct 29, 2007
Tracked Since Feb 18, 2026